NIS2-DIRECTIVE-DETAIL
NIS2 Directive detail compliance regulation modern detailed.
Définition
NIS2 Directive detail couvre les details techniques + scope + obligations de l'EU Directive (EU) 2022/2555 publiee 14 decembre 2022 (entry into force 16 janvier 2023, Member States transposition deadline 17 octobre 2024) qui remplace NIS Directive 1 (2016/1148) + etend significativement scope cybersecurity requirements (~160000+ entities in-scope vs ~10000 NIS1 estimees), comprend Essential Entities (EE) + Important Entities (IE) categorisation + 10 sectors couverts elargis (energy + transport + banking + financial market infrastructure + health + drinking water + waste water + digital infrastructure + ICT service management + public administration + space). Detail technique + scope d'application + obligations conformite + sanctions non-conformite + processus reporting + impact entreprises in-scope + alignement avec regulations adjacentes nationales + internationales + governance + supervisory authorities + timeline implementation + transitions + jurisprudence + best practices documentation industry adoption.
Origine
EU Directive 2022/2555 NIS2 published 14 decembre 2022 ; transposition deadline 17 octobre 2024 ; ~160000+ in-scope entities EU estimees.
Exemple en contexte
Medium-sized German cloud SaaS provider classified Important Entity NIS2 (50-249 employees + over EUR 10M revenue + digital infrastructure sector) : (1) Implements cybersecurity risk management measures (Article 21 NIS2 - risk analysis + incident handling + business continuity + supply chain security + security in network + information systems + policies + cryptography + access controls + human resources security + MFA + multi-factor authentication), (2) Incident reporting (significant incidents : 24-hour early warning + 72-hour incident notification + 1-month final report to German BSI), (3) Management body accountability (executive personally liable for non-compliance).
Termes liés
- NIS2 Directive — summary version.